| Название | code-projects Hospital Management System 1.0 Session Fixiation |
|---|
| Описание | The Hospital Management System uses express-session for session management with a hardcoded and weak secret string ('secret'). The secret is used to sign session cookies, ensuring the integrity of session data. A weak or hardcoded secret allows attackers to forge session cookies, potentially bypassing authentication and impersonating other users. This vulnerability can lead to unauthorized access to sensitive patient records and administrative functions. |
|---|
| Источник | ⚠️ https://github.com/lakshayyverma/CVE-Discovery/blob/main/Hospital%20Management%20System.md |
|---|
| Пользователь | lakshay12311 (UID 91298) |
|---|
| Представление | 10.10.2025 08:47 (8 месяцы назад) |
|---|
| Модерация | 10.10.2025 15:59 (7 hours later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 327932 [code-projects Hospital Management System 1.0 express-session secret слабое шифрование] |
|---|
| Баллы | 20 |
|---|